SimpleX – an end-to-end encrypted messaging app that its founder touts as the first and possibly the only one that operates without any identifiers – has rolled out a new version.
The messaging and application platform, which those developing it say doesn’t even use random numbers or cryptographic keys to identify user profiles (in addition to not requiring phone numbers and usernames) has several new features in version 5.8 that was released earlier this month.
Related: No Phone Numbers. No Usernames. A Possible Game-Changer For Private Messaging.
The focus of the upgrade has been to enhance the product by tackling one segment of user privacy protection that had not been properly addressed, despite the effort to eschew various kinds of identifiers.
That segment has to do with message routing and IP addresses. In different scenarios, recipients were able to see and track IP addresses of senders – a major drawback and criticism received by this privacy and security-focused app.
Using a VPN or Tor was a transport overlay network workaround, but SimpleX developers opted out of now embedding Tor in the app, despite the many similarities they share through incorporating various methods of IP address protection.
The reasons for this decision are primarily some of the habitually weak points of Tor, such as latency, the resources it uses, and error rates. On top of that, there are jurisdictions around the world that ban or restrict the use of this particular overlay network.
Importantly, perhaps, as the post notes, Tor “doesn’t solve the problem of meta-data correlation by user’s transport session” – and working around this problem requires even more resources.
For that reason, SimpleX, while announcing plans to continue to support Tor and other overlay networks, opted for a new private message routing protocol that “provides IP address and transport session protection out of the box.”
According to SimpleX, while building on the Tor design, this new method means that the forwarding relay is always chosen by the sender and the second by the recipient.
“In this way, neither side of the conversation can observe IP address or transport session of another,” the post explained.
Another advantage of the new protocol is the forwarding relay preventing man-in-the-middle attacks, via cryptographic signing that allows the client to “verify that the messages are sent to the intended destination, and not intercepted.”
Other new features include customizable Android and desktop themes and more group options that allow sending images, files, and media, “and also SimpleX links only to group administrators and owners.”